BlackBerry Swipes At Android Security

BlackBerry CEO John Chen took a swipe at Google this week, suggesting the Android-maker's new security push is too little, too late. In today's world of BYOD, Chen says businesses need to prioritize security from the start, not add it after the fact.

Android For Work will be built into Android Release L, and will also be available separately for earlier versions of Android going back to Ice Cream Sandwich. Google is relying a bit on the hard work done by Samsung to entice businesses by adopting portions of Samsung's Knox security platform. With Android For Work, businesses can separate work data from personal data through containerization. The segregated data can be managed from the IT admin console and locked, wiped, or restored as needed without touching the owner's personal information.

Android For Work also allows for the bulk installation of apps to an entire fleet of devices. According to Google, companies won't have to modify their apps to function within the Android For Work environment.

It's a big step forward for Android, one that should make it more attractive to businesses. In a blog post, BlackBerry's Chen contends Google's efforts are a good first step, but are only the start.

"At Google's I/O developer conference, the company said it would do several things to boost Android's security. Most prominently, this includes separating work and personal apps and data in coming versions of Android by leveraging Samsung's Knox containerization technology," said Chen. "I'm delighted by this first step. The need to improve Android's security was clear. And it validates what we at BlackBerry have been saying all along about the potential perils that businesses face in the BYOD era."

As Chen points out, however, Knox's success can be described as limited at best. Fewer than 2 million Samsung devices are actually running Knox. To put that in some perspective, Samsung sells between 75 million and 90 million smartphones per quarter.

"Tens of millions of BlackBerry devices are trusted every day by Fortune 1000 firms worldwide," said Chen. "Our BES software dominates the enterprise mobility management space, with more business customers than our top three competitors combined. And while Knox tries to build a fortress upon an insecure foundation, BlackBerry's entire infrastructure is constructed upon a multi-decade bedrock of mobile management and security expertise."

Chen's blog then devolves into a long-winded and analyst-backed pitch for BlackBerry's products and services. Comparing Android's numbers to BlackBerry's, however, shows just how much impact BlackBerry's security focus has in the real world.

During its I/O keynote, Google's Sundar Pichai said there are more than 1 billion active Android devices on planet Earth. That's a device for one out of every seven people on the planet. Android owns more than two-thirds of the global market for smartphones. By Chen's own admission, BlackBerry's presence in the market has dwindled to just tens of millions of users. Its worldwide share has fallen to about 3%. Microsoft's Windows Phone platform, which is struggling for relevance, now outsells BlackBerry.

"While we applaud Google and Samsung for their plans, we don't think it's enough for security-minded enterprises. Don't be dazzled by those who can talk the security talk. Instead, look to the company that has proven repeatedly it can walk the walk," concluded Chen.

There's no doubt BlackBerry's model offers strong security. For many businesses, however, Android L and Samsung's Knox may be secure enough. Sometimes secure-enough is all the security you need.

What do you think? Are Chen's comments warranted, or do they come off as sour grapes from a cast-aside has-been?

Most IT teams have their conventional databases covered in terms of security and business continuity. But as we enter the era of big data, Hadoop, and NoSQL, protection schemes need to evolve. In fact, big data could drive the next big security strategy shift. Get the 6 Tools To Protect Big Data report today (registration required).

Eric is a freelance writer for InformationWeek specializing in mobile technologies. View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.

@Les Beyond its incompetence, Blackberry appears to be making the even harder to explain move of mocking other companies that are more successful.

Blackberry seems to forget that market share renders a lot of other points moot, including product superiority. All of us know scads of products and services that had advantages over companies who were leaders at the time, but couldn't get it together enough to be a sincere challenger.

This just sounds like another example of this with a layer of "sour grapes" on the top.

"So why is Blackberry upset? They have reliability issues due to the design of having everything go through their data-center. This channel has failed more than once. Lesson learned, single point of failure bad. The android mechanism provides a mechanism to "privatize" the key data synchronization into each"

These are very good points, and one of the reasons I was very happy to finally turn off the last company owned Blackberry device a few years ago and to shut down our BES server. Blackberry put a good deal of emphasis on controlling the software, data and connection but the outages were more than just a little irritating. I think everyone has been waiting for Apple and Google to get a better mobile management system implemented but we have also realized that we can survive without a Blackberry style implementation. We've started looking at smartphones as little laptops and treat them the same way.

To make a successful hybrid of business and personal data and devices segmentation and proper authoritative control is a key element. I give a standing ovation (of one, me at least) to Google for actually starting the development of the key controls in this element that has actually been needed for decades. (yeah, laptops needed it but never got it back in the day) I see this as a core "feature" technology mechanism that will be taken for granted within the next five years.

So what should this really look like from a use-case point of view. I believe that enterprise IT needs the authority and immediate ability to protect the corporate intellectual property (and devices) through the tools of absolute policy control and ability to "scrub" a remote data island, but only for what belongs to the company. The IT department needs these tools to fulfill it's part of the mission in protecting corporate assets while meeting the desires of the social mission in allowing personally owned and customized technology for user convenience. (BYOD is a much abused meaningless catch-phrase, please quit using it)Creating the built in separation of business and personal gives IT a standardized mechanism that we have have had to customize and crowbar wedge into devices before or just blanket take ownership and responsibility for the entire device.

So why is Blackberry upset? They have reliability issues due to the design of having everything go through their data-center. This channel has failed more than once. Lesson learned, single point of failure bad. The android mechanism provides a mechanism to "privatize" the key data synchronization into each enterprise's IT department or spread out the load across the massive Google data center architecture. This means much lower risk as a platform, and lower isolated failures (if a company has a server go down, no one else's businesses are affected) Versus, Every single hand-held in the market experiencing an outage of sync data because Blackberry data service centers are getting DDOS attacks. Yet if I was Blackberry, I would be nervous too; but rather than whining, I would look to learn from Google and build upon it.

to add to your comment, I think that fact that BB is lashing out at Google is evidence enough that they know they're in trouble. In the past they dominated there aspect of the industry, and now the only piece of the pie they have left, there are companies trying to get there hands on it....so it's of no surprise that Google is trying to gain traction in the enterprise.

I also agree that BB is one of those companies that'll be remember for it's successes and failures.

The BYOD concept can be intimidating for IT staff, but there are strategies to minimize security risks and device management headaches. HTML5 technologies can allow users to connect to applications and systems without requiring IT staff to install anything on user devices. For example, Ericom AccessNow is an HTML5 RDP client that enables remote users to securely connect from iPads, iPhones and Android devices to any RDP host, including Terminal Server and VDI virtual desktops, and run their applications and desktops in a browser. This enhances security by keeping applications and data separate from personal devices.

Since AccessNow doesn't require any software installation on the end user device IT staff end up with less support hassles. Any user that brings in their own device merely opens their HTML5-compatible browser and connects to the URL given them by the IT admin.

LIke you say Stratustician, those companies that allow the discussion to be around what employees choose to bring in from home, focusing on ease-of-experience over security, will sadly be those in the news most often with exposures of their intellectual property, customer or employee private data. I don't disagree that BYOD shapes policy - there's nothing new in a disruptive technology changing behavior - but it's sad to see some companies abandon policy alltogether in the interests of saving the cash that would buy their tethered employees a device. That's very short-term, pedestrian and dangerous thinking. Some companies will do that but it's no reason to think it's acceptable. Maybe they won't last long. I challenge the actual numbers of companies, Fortune 1000 companies, allowing "ANY" device. I suspect it's not as many as very small companies who nickel and dime their financial reports. "If you think security is expensive, try going without."

While it's easy to focus on who has the better security offering, the real discussion will still be around what types of devices employees want to use. If organizations have higher ratios of one mobile OS, that will most likely shape their security policies. Whether the solution is as solid as another isn't sadly the main discussion anymore.

I'd like to hear about battery life and responsiveness directly from people who own iPhones and Androids that have MDM clients on them and that have no hardware encryption chip. I've been told by many that their personally owned phones, that were not designed to run MDM 24/7, are slow and must be charged every six to eight hours. But I'd be posting hearsay in a forum so prefer real statistics. A device designed for the consumer doesn't usually fare well in corporate use, just as using your personal vehicle for a 40 hour work week proves not to be the best tool for the job. It's not a simple matter of software upgrade.

BYOD demands that IT support all of the devices. BB can talk trash all it wants but after the major missteps it's made is it smart? It will not shame consumers into buying its products, especially when their confidence in BB has been eroded, and may anger IT professionals. There is a long history of products that disappeared because management made poor decisions. BB is likely to be one of those.